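<?php
/*
 * Access guard for the user-management page.
 *
 * Runs before any markup is written: header('Location: ...') only takes effect
 * while no output has been sent, and every rejection path ends with exit so
 * the management UI below is never rendered for an unauthenticated request.
 *
 * NOTE(review): identity comes from two client-held cookies, and the check
 * passes when the "password" cookie equals members.password byte for byte, so
 * the stored value itself acts as a long-lived credential. A server-side
 * session issued at login, with password_hash()/password_verify() for the
 * stored secret, would remove that property; that change reaches beyond this
 * file (the login flow and update.php are not visible here).
 */
require './confg.php';

$isAdmin = false;
$rowdata = null;

$cookieUser = isset($_COOKIE['username']) ? $_COOKIE['username'] : null;
$cookiePass = isset($_COOKIE['password']) ? $_COOKIE['password'] : null;

// PHP can parse a cookie into an array; only plain strings are acceptable here.
if (!is_string($cookieUser) || !is_string($cookiePass)) {
  header('Location: login.html');
  exit;
}

// The username is client-controlled, so it is bound as a parameter instead of
// being interpolated into the SQL text.
$stmt = mysqli_prepare($con, 'SELECT password FROM members WHERE username = ?');
if ($stmt === false) {
  // Keep database details in the server log rather than in the response.
  error_log('members lookup failed: ' . mysqli_error($con));
  http_response_code(500);
  exit('Internal error');
}
mysqli_stmt_bind_param($stmt, 's', $cookieUser);
$storedPassword = null;
$rowFound = mysqli_stmt_execute($stmt)
  && mysqli_stmt_bind_result($stmt, $storedPassword)
  && mysqli_stmt_fetch($stmt) === true;
mysqli_stmt_close($stmt);

// A missing row is a failed login in its own right (it is never compared
// against null), and the comparison itself is constant-time.
if (!$rowFound || !is_string($storedPassword) || !hash_equals($storedPassword, $cookiePass)) {
  header('Location: login.html');
  exit;
}

// Same variable the rest of the page reads.
// NOTE(review): the <body> tag further down echoes $rowdata['backbar'] into a
// style attribute without escaping, and this query does not select that column.
$rowdata = array('password' => $storedPassword);
$isAdmin = ($cookieUser === 'admin');
?>
<!DOCTYPE html>
<html>
<head>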
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  <title>Login</title>
  <link rel="stylesheet" href="bootstrap/css/bootstrap.min.css">
  <link rel="stylesheet" href="bootstrap/css/bootstrap.css">
  <link rel="stylesheet" href="bootstrap/css/bootstrap-responsive.min.css">
  <link rel="stylesheet" href="bootstrap/css/abhi.css">
  <style type="text/css">
  body,td,th {
    font-family: Ubuntu, Tahoma, sans-serif;
    color: rgb(255,255,255);
  }
  .body {
    background-color: white;
  }
  .tabs-left > .nav-tabs .active > a, .tabs-left > .nav-tabs .active > a:hover, .tabs-left > .nav-tabs .active > a:focus{
    border-color: rgb(173, 173, 173) transparent rgb(179, 179, 179) rgb(204, 204, 204);
    box-shadow: inset 0px 0px 15px gray;
  }
  </style>
  <script src="bootstrap/js/jquery-1.9.1.min.js"></script> <!-- Remove that bootstrap from path -->
  <script language='JavaScript' type='text/javascript' src='TDE_CMS/cmsloader.js'></script>
<script type="text/javascript">
// Sends the browser back to the admin landing page; wired to the "X" button.
function redir() {
  var landingPage = "admin.php";
  document.location.href = landingPage;
}

</script>


</head>
<body style="background-image: url('<?php echo $rowdata['backbar']; ?>');background-color:rgb(255, 255, 255);">
  <div class="container" style="max-width: 1000px">
    <div class="row-fluid">
      <div class="span12">
      </div>
    </div>
    <div class="row-fluid " style="color: white">
      <div class="span12" >
<h2 style="text-align: center;color: rgb(0, 48, 2);text-shadow: 0px 0px 81px rgb(0, 255, 0);">Manage user</h2>
      </div>
    </div>
    <div class="row-fluid body" style="
    box-shadow: 0px 0px 10px rgb(0, 0, 0);
    border-radius: 4px;">
    <div class="tabbable tabs-left" style="
    margin-left: 66px;
    margin-bottom: 50px;
    color: black;">
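    <!-- Plain action button: it sits outside every form, so it is not a submit control. -->
    <button type="button" class="btn btn-danger" style="
      top: -70px;
      position: relative;
      left: -186px;
      " title="Go back to main page" aria-label="Go back to main page" onclick="redir();">X</button>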
      <ul id="myTab" class="nav nav-tabs">
      <?php
      // Tab headers. Administrators get Add / Delete / Change with "Add" active;
      // every other account gets the single "Change" tab.
      // NOTE(review): this only decides which tabs are shown. The requests sent
      // to update.php must be authorized there (that file is not shown here).
      echo ($isAdmin == true)
        ? '<li class="active"><a href="#adduser" data-toggle="tab">Add</a></li>
        <li class=""><a href="#deleteuser" data-toggle="tab">Delete</a></li>
        <li class=""><a href="#changeuser" data-toggle="tab">Change</a></li>'
        : '<li class="active"><a href="#changeuser" data-toggle="tab">Change</a></li>';
      ?>
      </ul>
      <div id="myTabContent" class="tab-content">
      <?php
      // Opens the "Add user" pane; the matching </div> follows the add form.
      // Administrators get it as the active pane. For every other account the
      // pane is still written to the page, only without the "active" class.
      // NOTE(review): an inactive pane is presentation, not access control.
      echo ($isAdmin == true)
        ? '<div class="tab-pane fade active in" id="adduser">'
        : '<div class="tab-pane fade in" id="adduser">';
      ?>
      <form name="login" method="post" action="update.php" class="form-horizontal" id="frmAdd">
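      <!-- Add-user fields. Each label points at the id of its own input, and the
           autocomplete hints keep the browser from filling in the operator's own
           saved credentials when creating someone else's account. -->
      <div class="control-group">
        <label class="control-label" for="addname">New Username</label>
        <div class="controls">
          <input type="text" id="addname" name="newusername" placeholder="Enter new username" autocomplete="off">
        </div>
      </div>
      <div class="control-group">
        <label class="control-label" for="addname1">Password</label>
        <div class="controls">
          <input type="password" id="addname1" name="newpassword" placeholder="enter password" autocomplete="new-password">
        </div>
      </div>
      <div class="control-group">
        <label class="control-label" for="addname2">Confirm Password</label>
        <div class="controls">
          <input type="password" id="addname2" name="confirmpassword" placeholder="re-enter password" autocomplete="new-password">
        </div>
      </div>

      <div class="control-group">
        <div class="controls">
          <button type="submit" class="btn btn-inverse">Add</button>
        </div>
      </div>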
      <script>
      // Add-user form: intercepts the submit, posts the fields to the form's
      // action URL with add:"yes", and reports the status code that comes back.
      // The length checks below are a convenience for the person typing; they run
      // in the browser only, so the endpoint cannot rely on them.
      $("#frmAdd").submit(function (evt) {
        evt.preventDefault();

        var $addForm = $(this);
        var username = $addForm.find('input[name="newusername"]').val();
        var password = $addForm.find('input[name="newpassword"]').val();
        var cpassword = $addForm.find('input[name="confirmpassword"]').val();
        var url = $addForm.attr('action');

        var lengthsOk = username.length > 3 && password.length >= 6 && cpassword.length >= 6;
        if (!lengthsOk) {
          alert("All fields not filled properly");
          return;
        }

        $.post(url, { add: "yes", user: username, pass: password, cpass: cpassword })
          .done(function (reply) {
            // Status codes are compared as exact strings; anything else is shown as-is.
            if (reply === "777") {
              alert("Admin account already exists");
            } else if (reply === "200") {
              alert("Username already exists");
            } else if (reply === "100") {
              alert("Successfully added the user");
              rld(); // refresh the user pickers so the new account appears
            } else if (reply === "000") {
              alert("Username empty");
            } else {
              alert(reply);
            }
          });

        // The fields are cleared as soon as the request has been issued,
        // without waiting for the reply.
        var fieldIds = ['addname', 'addname1', 'addname2'];
        for (var k = 0; k < fieldIds.length; k++) {
          document.getElementById(fieldIds[k]).value = "";
        }
      });
</script>
</form>
</div>

<?php
// Opens the "Delete user" pane; the matching </div> follows the delete form.
// For non-administrators the pane and its form are still sent to the browser,
// hidden only by an inline visibility:hidden style.
// NOTE(review): CSS hiding is cosmetic. Delete requests have to be authorized
// by update.php itself (not shown here).
echo ($isAdmin == true)
  ? '<div class="tab-pane fade " id="deleteuser" style="margin-left:45px">'
  : '<div class="tab-pane fade" id="deleteuser" style="margin-left:45px;visibility:hidden">';
?>
<form name="login" method="post" action="update.php" class="form-horizontal" id="frmDelete">
<p>
<div class="input-append">
<select name="users" id="user">
</select>
<button class="btn btn-danger" type="submit">Delete User</button>
<input type="hidden" name="delete" value="yes"><br>
</div>
</p>
<script>
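// Reloads the account names from update.php (userdata:"yes") and rebuilds the
// option lists of the #user and #cuser pickers.
//
// The reply is split on "|" and the first segment is skipped, as before
// (presumably the reply starts with a separator or prefix - confirm against
// update.php). Names are stored account data, so they are inserted as text
// nodes and never parsed as markup.
function rld(){
  // Replaces the options of one <select> with the given names.
  function fillOptions(target, names) {
    // #cuser is a read-only <input> for non-admin accounts; there is nothing
    // to populate in that case.
    if (!target || target.tagName !== "SELECT") {
      return;
    }
    while (target.firstChild) {
      target.removeChild(target.firstChild);
    }
    for (var i = 1; i < names.length; i++) {
      var option = document.createElement("option");
      option.appendChild(document.createTextNode(names[i]));
      target.appendChild(option);
    }
  }

  var posting = $.post( "update.php", { userdata:"yes" } );
  posting.done(function( data ) {
    var names = String(data).split("|");
    fillOptions(document.getElementById('user'), names);
    fillOptions(document.getElementById('cuser'), names);
  });
}
rld();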

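// Delete-user form: posts the selected account name to the form's action URL
// with delete:"yes" and reports the status code that comes back.
// The user pickers are refreshed only after the server has answered; refreshing
// right after issuing the request could read the list before the deletion had
// been applied and leave the removed account on screen.
$("#frmDelete").submit(function(event) {
  event.preventDefault();
  var $form = $( this ),
  term = $form.find( 'select[name="users"]' ).val(),
  url = $form.attr( 'action' );
  var posting = $.post( url, { "delete":"yes" , users: term } );
  posting.done(function( data ) {
    switch(data){
      case "100":
      alert("Successfully deleted the user account");
      break;

      case "500":
      alert("You cannot delete admin account.");
      break;

      case "404":
      alert("Error");
      break;

      default:
      alert(data);
    }
    rld();
  });
});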
</script>
</form>
</div>



<?php
// Opens the "Change password" pane; the matching </div> follows the change form.
// It is the initially active pane for non-administrators, whose tab bar
// contains nothing else.
echo ($isAdmin == true)
  ? '<div class="tab-pane fade" id="changeuser" style="margin-left:15px" >'
  : '<div class="tab-pane fade active in" id="changeuser" style="margin-left:15px;">';
?>
<form name="change" method="post" action="update.php" class="form-horizontal" id="frmChange">
<p>

<div class="control-group">
<label class="control-label" for="inputPassword">Username</label>
<div class="controls">
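<?php
// Renders the account picker of the change-password form: a <select> of all
// usernames for the administrator, a read-only text field holding the caller's
// own name for everyone else.
//
// Both the stored usernames and the cookie value are data, not markup, so each
// one is HTML-escaped before it is written into the page.
// NOTE(review): the read-only field is a display aid. The value posted as
// "user" can be anything, so update.php has to decide server-side which account
// the caller may change (that file is not shown here).
if ($isAdmin){
  $result = mysqli_query($con,"SELECT DISTINCT username FROM members");
  if ($result === false) {
    // Keep database details in the server log rather than in the page.
    error_log('user list query failed: ' . mysqli_error($con));
    die('Unable to load the user list.');
  }
  echo '<select name="users" id="cuser">';
  // A separate row variable leaves the $rowdata set by the login check untouched.
  while($memberRow=mysqli_fetch_array($result)){
    echo "<option>".htmlspecialchars($memberRow['username'], ENT_QUOTES, 'UTF-8')."</option>";
  }
  echo '</select>';
}else{
  // Quoted key: a bare username is read as a constant, not as the string 'username'.
  $ownName = (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) ? $_COOKIE['username'] : '';
  echo '<input type="text" name="users" readonly="true" id="cuser" value="'.htmlspecialchars($ownName, ENT_QUOTES, 'UTF-8').'">';
}
?>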
</div>
</div>

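<!-- Password fields are masked inputs, so the values are not shown on screen or
     kept in the browser's text-field history. Each label points at its own input. -->
<div class="control-group">
  <label class="control-label" for="cpass">Current Password</label>
  <div class="controls">
    <input type="password" name="cpass" id="cpass" placeholder="Enter current password" autocomplete="current-password">
  </div>
</div>

<div class="control-group">
  <label class="control-label" for="npass">New Password</label>
  <div class="controls">
    <input type="password" name="npass" id="npass" placeholder="Enter new password" autocomplete="new-password">
  </div>
</div>
<div class="control-group">
  <label class="control-label" for="cnpass">Re-Enter Password</label>
  <div class="controls">
    <input type="password" name="cnpass" id="cnpass" placeholder="confirm new password" autocomplete="new-password">
  </div>
</div>

<div class="control-group">
  <div class="controls">
    <button class="btn btn-success" type="submit">Change Password</button>
  </div>
</div>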
</p>
<script>
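// Change-password form: posts the account name, the current password and the
// new password to the form's action URL with change:"yes".
//
// Differences from a bare submit:
//  - the account field is looked up by name only, so the same script works for
//    the administrator's <select> and the read-only <input> without
//    server-generated JavaScript;
//  - a mismatch between the new password and its confirmation is reported
//    instead of being dropped silently;
//  - the new password must be at least 6 characters, matching the add-user form;
//  - url is a local variable rather than an implicit global.
// These checks run in the browser only; the endpoint must repeat them.
$("#frmChange").submit(function(event) {
  event.preventDefault();
  var $form = $( this );
  var term = $form.find( '[name="users"]' ).val();
  var curPass = $form.find( 'input[name="cpass"]' ).val();
  var newPass = $form.find( 'input[name="npass"]' ).val();
  var CnewPass = $form.find( 'input[name="cnpass"]' ).val();
  var url = $form.attr( 'action' );
  if(curPass.length>=6 && newPass.length>=6 && curPass==newPass){
    alert("New password is same as old password, ignoring password change");
  }else if(newPass!==CnewPass){
    alert("New password and confirmation do not match");
  }else if(newPass.length<6){
    alert("New password must be at least 6 characters");
  }else{
    var posting = $.post( url, { change:"yes" , user: term, cpass: curPass, npass:newPass} );
    posting.done(function( data ) {
      switch(data){
        case "100":
        alert("Successfully changed password.");
        document.getElementById('cpass').value="";
        document.getElementById('npass').value="";
        document.getElementById('cnpass').value="";
        break;

        case "499":
        alert("Something went wrong");
        break;

        default:
        alert(data);
      }
    });
    rld();
  }
});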
</script>
</form>
</div>
</div>
</div>
</div>
</body>
<script type="text/javascript" src="bootstrap/js/bootstrap.js"></script>
<script type="text/javascript">
$(".collapse").collapse();
</script>
</html>